Method and system for controlling a physical object to be shared by several potential users

ABSTRACT

An embodiment method for controlling a physical object to be shared by several potential users and in an enclosure in an open state or in a closed state includes detecting a presence or an absence of the object in the enclosure in the closed state via a first wireless link between the object and a reader situated in the enclosure, the first wireless link being contained in the enclosure in the closed state. The method also includes transmitting a first information item representative of the presence or of the absence of the object in the enclosure to a computer server via a second link and an internet network, the computer server being accessible via a website configured to be managed by an administrator.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to French Patent Application No.1752301, filed on Mar. 21, 2017, which application is herebyincorporated herein by reference.

TECHNICAL FIELD

Implementations and embodiments of the invention relate to a method andsystem for controlling a physical object to be shared by severalpotential users.

BACKGROUND

In recent years, the collaborative economy, notably in the form of thesharing economy, arising from the convergence of digital and socialinnovation, has been expanding rapidly around the world and is beginningto change the way of life of a large number of people.

With services accessible via dedicated websites, it is possible toshare, particularly between individuals, dwellings, offices, cars,boats, second-hand products, etc.

In most cases, this kind of sharing requires a physical meeting betweenparties, for example the owner of the thing or the agent and at leastone user of at least one thing to be shared, for example, to handover andwelling or car key in person.

In other cases, owners and renters of this kind of sharing can use, forexample, a conventional safe accessible by password, to transmit keys orthings of high value to be shared.

There is thus a need to propose a system of things to be shared thatmakes it possible to remotely perform a respective access control foreach user, a remote verification of the presence or of the absence ofthe keys or of the things to be shared in a predetermined place, and atracking, that can be consulted remotely, of the actual access of eachuser to these things and of different parameters of the system.

A conventional safe does not allow an administrator to generate apassword dedicated to each user without physical intervention on thesafe after each use, to authorise given time bands, and to know whatuser has had access to the safe and the exact moment of the access.

SUMMARY

Embodiments of this disclosure relate to the internet of things,commonly referred to by those skilled in the art by the acronym IoT, andmore particularly to systems containing one or more objects connected toan internet network and designed to be shared by several potential usersin total security. Embodiment systems allow remote control of the one ormore objects, for example control of the placement of and/or access tothe one or more objects by these potential users.

According to one aspect, there is proposed a method for controlling atleast one object designed to be shared by several users and designed tobe deposited in at least one enclosure, in particular secured, forexample, a safe, suitable for being in an open state or in a closedstate. The method includes detecting the presence or of the absence ofthe at least one thing in the at least one enclosure in the closed statevia a first wireless link, for example, a short-range link, inparticular of the “Bluetooth” type, between the object and a readersituated in the enclosure, the first wireless link being contained inthe enclosure in the closed state, for example, by using a metalenclosure. The method further includes transmitting, via an internetnetwork and a second link, for example, a long-range link, in particularwireless or Ethernet, between the at least one enclosure and theinternet network, of a first information item representative of thepresence or of the absence of the at least one object in the enclosureto at least one computer server accessible via a website configured tobe managed by an administrator.

The method can, for example, further include managing the access controlof the at least one enclosure from the website via the internet networkand the second link.

Such a method advantageously allows a centralized management of theaccess control of the at least one enclosure via a website and a remotetracking of the state of the presence or the absence of the at least onething to be shared, which makes it possible to offer a time-stamping ofeach take-over or hand-over of the thing.

As a non-limiting example, the management of the access control canfurther be performed via a third channel, for example, a telephone link,a mobile internet link, by post, or similar, put in place between theadministrator and the actual user of the shared thing.

According to one implementation, managing the access control includesgenerating a reference opening code of the enclosure and transmittingthe reference code to the actual user by the administrator via the thirdchannel, for example, by a text message (“Short Message Service” orSMS), of email, of fax, of mail, or a conversation during a telephonecall. Managing the access control may further include entering orreceiving an opening code on an input interface coupled to theenclosure, transmitting the opening code to the computer server via thesecond link and the internet network, and comparing the referenceopening code transmitted and the entered opening code received by thecomputer server so as to obtain an authorization or a refusal to openthe at least one enclosure as a function of the result of thecomparison. Managing the access control may additionally includetransmitting a second information item representative of theauthorization or the refusal to the enclosure via the internet networkand the second link.

In this way, all the management of the access control is performed fromthe computer server via the website and the administrator of the systemcan generate a dedicated reference opening code for each user. Moreover,the period of validity of each reference opening code can also bemanaged by the administrator.

The reference opening code can, for example, be one or more of apassword, a Bluetooth authentication code, an NFC (Near FieldCommunication) identification code, a barcode, or a QR (Quick Response)code.

According to another implementation, the management of the accesscontrol includes recognizing at least one corporeal characteristic ofthe actual user of the thing.

Advantageously, such a management of the control makes it possible tooffer a higher level of security for a more demanding system.

According to this other implementation, managing the access controlincludes storing at least one reference corporeal characteristic in theat least one computer server via the website, collecting at least onecorporeal characteristic on a collection interface coupled to theenclosure, and transmitting the at least one collected corporealcharacteristic to the at least one computer server via the second linkand the internet network. Managing the access control may furtherinclude comparing the at least one reference corporeal characteristicand the at least one collected corporeal characteristic received so asto obtain an authorization or a refusal to open the at least oneenclosure as a function of the result of the comparison, andtransmitting a second information item representative of theauthorization or of the refusal to the enclosure via the internetnetwork and the second link.

For indication but in a non-limiting manner, the at least one referencecorporeal characteristic can, for example, include at least one of avoice signature, a facial image, a fingerprint, or an iris print.

According to yet another implementation, the management of the accesscontrol further includes detecting the open state or closed state of theat least one enclosure and a transmission of a third information itemrepresentative of the open state or closed state after each change fromthe open state or closed state of the enclosure to the computer servervia the second link and the internet network.

Consequently, the administrator of the system can advantageously trackthe open or closed state of the enclosure remotely at any time. Thedetection of the presence or of the absence of the at least one thing isperformed when the closed state of the enclosure is detected so as toensure that the detection is indeed performed within the enclosure.

The method can, for example, further includes a detection of at leastone physical parameter of the at least one enclosure and a transmissionof a fourth information item representative of the at least one physicalparameter after each change of the at least one physical parameter, tothe computer server via the second link and the internet network.

Such a method allows the administrator to track the different physicalparameters of the enclosure remotely. In case of a problem on theenclosure, the administrator can be notified by the computer server.

According to one implementation, the at least one physical parameter maybe the temperature, the position, the humidity, or the acceleration ofthe enclosure, or, when the at least one enclosure includes at least onebattery, the level of charge of the at least one battery.

According to one implementation, detecting the presence or of theabsence of at least one shared thing further includes a capturing animage of the internal content of the at least one enclosure in theclosed state and a transmission of the image to the computer server.

The administrator of the system can advantageously obtain a visual proofthat can be consulted remotely concerning the presence or the absence ofthe at least one thing using this photographing of the internal contentof the enclosure.

According to one implementation, the first link is based on one or moreof Bluetooth SMART, NFC, IEEE 802.15.1 or radio frequency identification(RFID), and the second link is based on one or more of Long Range WideArea Network (or LoRa), SigFox, WiFi (IEEE 802.11, Wireless Fidelity),or Ethernet.

It should be noted that it may be preferable to establish the first linkbased on the Bluetooth SMART technology because of the low consumptionand the second link based on the LoRa or SigFox technology because ofnational range and the low consumption.

According to another aspect, a system is proposed. This system includesat least one enclosure, for example, secured, configured to be in anopen state or in a closed state. The system may further include at leastone object designed to be shared by several users and designed to bedeposited in the at least one enclosure, and at least one computerserver accessible via a website configured to be managed by anadministrator. The at least one enclosure may include a readerconfigured to establish a first wireless link between the at least onething and the reader, the at least one thing being equipped with amodule capable of cooperating with the reader via the first wirelesslink, the enclosure being configured such that the first link remainscontained in the enclosure in the closed state. The at least oneenclosure may further include a communications circuit configured toestablish a second link between the enclosure and an internet network,and a processor configured to detect the presence or the absence of thething in the enclosure in the closed state via the first link, totransmit a first information item representative of the presence or ofthe absence to the computer server via the internet network and thesecond link.

The server can, for example, further be configured to manage the accesscontrol of the at least one enclosure from the website via the internetnetwork and the second link.

As a non-limiting example, the server can further be configured tomanage the access control via a third channel put in place between theadministrator and the actual user of the shared thing.

According to one embodiment, the server is configured to generate areference opening code of the enclosure and to transmit the referencecode to the actual user via the third channel. In this embodiment, theenclosure includes an input interface configured to receive an entry ofan opening code, and the processor is configured to transmit the enteredopening code to the computer server via the second link and the internetnetwork. The server is further configured to perform a comparisonbetween the transmitted reference code and the entered opening codereceived so as to obtain an authorization or a refusal to open the atleast one enclosure as a function of the result of the comparison, and atransmission of a second information item representative of theauthorization or of the refusal to the enclosure via the internetnetwork and the second link.

As a non-limiting example, the reference opening code can, for example,be one or more of a password, a Bluetooth authentication code, an NFCidentification code, a barcode, or a QR code.

According to another embodiment, the computer server is furtherconfigured to manage the access control of the at least one enclosurevia a recognition of at least one corporeal characteristic of an actualuser.

According to this other embodiment, the computer server is configured tostore, in a memory, at least one reference corporeal characteristic viathe website. In this embodiment, the enclosure further includes acollection interface configured to collect the at least one corporealcharacteristic, and the processor is configured to transmit the at leastone collected corporeal characteristic to the server via the second linkand the internet network. The server is further configured to perform acomparison between the at least one reference corporeal characteristicand the at least one collected corporeal characteristic received so asto obtain an authorization or a refusal to open the at least oneenclosure as a function of the result of the comparison, and atransmission of a second information item representative of theauthorization or of the refusal to the enclosure via the internetnetwork and the second link.

The at least one reference corporeal characteristic can, for example,include at least one of a voice signature, a facial image, afingerprint, or an iris print.

As an indication but in a non-limiting manner, the at least oneenclosure further includes an additional detector, configured todetermine the open state or closed state of the enclosure and theprocessor is further configured to transmit a third information itemrepresentative of the open state or closed state after each change fromthe open state or closed state of the enclosure to the computer servervia the second link and the internet network.

According to one embodiment, the at least one physical parameter may beone or more of the temperature, the position, the humidity, or theacceleration of the enclosure, or, when the at least one enclosureincludes at least one battery, the level of charge of the at least onebattery.

According to one embodiment, the at least one enclosure includes animage-capture device configured to take at least one image of theinternal content of the at least one enclosure in the closed state so asto detect the presence or the absence of at least one thing and theprocessor is configured to transmit, to the computer server, the atleast one image taken.

According to one embodiment, the reader is compatible with at least oneof Bluetooth SMART, NFC, IEEE 802.15.1, or RFID, and the communicationscircuit is compatible with at least one of LoRa, SigFox, WiFi, orEthernet.

As a non-limiting example, the at least one enclosure can, for example,include a metal safe.

It should be noted that such a metal safe advantageously makes itpossible to ensure that the first wireless link remains contained in theenclosure in the closed state.

According to another aspect, a microcontroller is proposed incorporatingthe processor of the system as defined above, for example, themicrocontroller marketed by the company STMicroelectronics under thereference STM32.

According to yet another aspect, an integrated circuit is proposedincorporating the reader, for example, compatible with the BluetoothSMART technology, of the system as defined above, for example, theextension card marketed by the company STMicroelectronics under thereference X-NUCLEO-IDB05A1.

According to yet another aspect, an integrated circuit is proposedincorporating the communications circuit of the system as defined above,for example, the long-range transceiver compatible with the LoRatechnology marketed by the company SEMTECH under the reference SX1272LoRa.

BRIEF DESCRIPTION OF THE DRAWINGS

Other advantages and features of various embodiments will becomeapparent on studying the details of non-limiting implementations andembodiments, and the attached drawings in which:

FIGS. 1 to 5 schematically illustrate implementations and embodiments ofa system for controlling an object designed to be shared by severalpotential users.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

FIG. 1 schematically illustrates an example of a system 1, according toan embodiment, designed to store at least one physical object 2 to beshared by several users. The object 2 may include a dwelling key, a carkey, or a jewel of high value, and the system 1 may be configured togrant an actual user access to each object 2 to be shared under accesscontrol.

The system 1 includes at least one enclosure, here a secured enclosure3, for example, at least one metal safe C1 and C2. Each securedenclosure 3 includes an open state OS and a closed state CS. The system1 also includes the object 2, for example, at least one rented dwellingkey 2, designed to be shared by users, for example, dwelling tenants,and designed to be deposited in the at least one safe 3. The system 1further includes at least one computer server 4, for example, a cloudcomputing services server, accessible via a website 5 and configured tobe managed by an administrator, for example, an owner of a dwellingintended to be rented out.

It should be noted that each enclosure C1 and C2 can have a differentsize so as to store the object 2 to be shared that has a size suited tothis enclosure. It should also be noted that each computer server 4 canalso be accessible via application software 5 (website) developed, forexample, for a mobile electronic apparatus such as smartphone or adigital tablet.

The access controls of each safe 3 may be performed by the computerserver 4 via the website 5 by using security protocols.

Consequently, the administrator of the system can remotely track thepresence or the absence of the object 2 and the open or closed state ofeach safe 3 via the website 5 without having to physically meet theusers.

Reference is now made to FIG. 2 to illustrate in more detail an exampleof the structure of the system 1 according to an embodiment.

For simplicity, the system 1 illustrated in FIG. 2 includes, as anon-limiting example, one metal safe 3, a dwelling key 2 designed to beshared by users and to be deposited in the safe 3, and a cloud computingservices server 4 that can be managed remotely by an administrator ofthe system 1 via an associated website 5.

More specifically, the safe 3 includes a reader 6 configured toestablish, between the key 2 and the reader 6, a first wireless link,for example, a short-range wireless link based on the wirelesscommunication technology conforming to the “Bluetooth” version 4.0 andabove standard, commonly known to those skilled in the art as “BluetoothSMART” or “Bluetooth Low Energy.” As an indication but in a non-limitingmanner, the reader 6 of the system 1 is incorporated in a dedicatedintegrated circuit, for example, the extension card marketed by thecompany STMicroelectronics under the reference X-NUCLEO-IDB05A1.

In order to establish the first link, the object 2 is equipped with amodule 7, for example, a tag 7 compatible with the “Bluetooth SMART”technology. The energy consumption of this tag 7 and of the reader 6 isadvantageously low by virtue of the use of this “Bluetooth SMART”technology.

It should be noted that it is perfectly possible to use othertechnologies such as near field communication (NFC), the one compatiblewith the IEEE 802.15.1 standard and that of the radiofrequencyidentification (RFID) type to establish the first link.

Moreover, the walls of the safe 3 are metal, which makes it possible, inthe closed state CS of the safe 3, to completely contain the firstwireless link in the safe 3.

Thus, if the safe 3 is closed, it is not possible to detect the object 2which would be taken in error or fraudulently out of the safe 3.

The safe 3 also includes communications circuit 8 (e.g., communicationmeans 8) configured to establish a second link between the safe 3 and aninternet network.

The second link is, in contrast to the first wireless link, based on along-range communication technology, for example, LoRa or SigFox, so asto obtain fewer constraints on the position of the safe 3 because theLoRa or SigFox network advantageously allows a wide national coverageand low energy consumption. When the safe 3 is placed in a nearbyposition in a building or in the basement of a building, the second linkcan be based on a conventional communication technology such as WiFi orEthernet.

In the case where the second link is based on a wireless communicationtechnology, the communications circuit 8 can further include acommunication antenna situated outside the safe 3 (e.g. attached to anouter wall of the safe 3).

It should be noted that the second link is established only whennecessary so as to reduce the overall energy consumption of the system1. By virtue of this low-consumption feature and the use of thetechnology based on “Bluetooth SMART”, the safe 3 can, for example, bepowered by a battery, by electrical mains or simply by an Ethernet cableconnected to an internet network.

Advantageously, the fact that the safe 3 can be powered by a batteryallows for the safe to be installed in a place far from an electricalinfrastructure.

As an example, the communications circuit 8 of the system 1 areincorporated in a dedicated integrated circuit, for example thelong-range transceiver compatible with the LoRa technology marketed bythe company SEMTECH under the reference SX1272 LoRa.

The safe 3 further includes an additional detector 9 (e.g., detectionmeans), for example, a door opening and closure sensor, configured todetect the open state OS or the closed state CS of the safe 3. The safe3 additionally includes processor 10, a microcontroller of the STM32type marketed by the company STMicroelectronics. The processor 10 isconfigured to perform the detection of the presence or the absence ofthe key 2 in the safe 3 via the first link when the closed state isdetected by the additional detector 9 and to transmit to the server 4 afirst signal S1 representative of the presence or of the absence of thekey 2 in the safe 3.

The safe 3 can further include at least one sensor, for example, asensor 11, configured to detect at least one physical parameter of thesafe 3, for example, the temperature, the position, the humidity, theacceleration, and, when the safe 3 includes at least one battery, thelevel of charge of each battery.

These physical parameters of the safe 3 are notably useful for theadministrator in order to quantitatively track the physical states ofthe safe 3 and detect any malicious act against the safe 3. Theprocessor 10 is further configured to transmit to the server 4 a fourthsignal S4 representative of each physical parameter. The administratorcan remotely consult the fourth signal S4 at any moment and receive anotification, even an alert, delivered by the server 4 as soon as ananomaly on each physical parameter is detected.

As an example, the detection of an abrupt acceleration of the safe 3 canprovoke a transmission of an alert relating to an attempt to move thesafe 3.

The safe 3 also includes an input interface 12, for example, an entrykeypad and a display screen, situated, for example, on a front surfaceof the safe 3 and configured to receive an opening code entered by auser via the entry keypad.

It should be noted that the processor 10 may be configured to activatethe reader 6 and the communications circuit 8 only when necessary, thatis to say, on exchanges of data with the computer server 4 so as tofurther reduce the overall energy consumption of the system 1.

Reference is now made to FIG. 3 to illustrate a method for controllingthe key 2 with the system 1 illustrated in FIG. 2.

In a particular case where a tenant would ask the owner to give him orher the key 2 to a rented dwelling in order to have access to thisdwelling, the owner can deposit the key 2 beforehand in the safe 3 andperform access control management of the safe 3 via the website 5.

In a first step STP1, a reference opening code ROC dedicated to thisuser is generated by the computer server 4 at the request of the owner.In other words, each user, here each tenant, can receive his or her ownreference opening code ROC, possibly with a period of validitypreconfigured by the owner via the computer server 4.

The reference opening code ROC can, for example, be at least one of apassword, a Bluetooth authentication code, an NFC identification code, abarcode, or a QR (Quick Response) code.

This reference opening code ROC is then transmitted to the user, forexample, via a third channel, for example, a text (Short MessageService, SMS) or an email (STP2).

Having arrived in proximity to the safe 3, the user can enter an openingcode EOC on the input interface 12 of the safe 3 in a third step STP3.The processor 10 is configured to transmit the opening code EOC enteredby the user to the computer server 4 (STP4) via the second link and theinternet network.

The server 4 is then configured to perform a fifth step STP5 ofcomparing the reference opening code ROC transmitted to the user and theopening code EOC entered by the user and received by the computer server4.

In the case where the entered opening code EOC is the same as thereference opening code ROC, the server 4 is configured to authorizeaccess to the safe 3. Otherwise, the access to the safe 3 is refused bythe server 4 (STP6).

In a seventh step STP7, a second signal S2 representative of theauthorization or of the refusal is delivered by the server 4 to the safe3 so as to grant access to the safe 3 or to display a false code messageon the input interface 12.

Moreover, all the attempts to access the safe 3 are stored on the server4 and can be consulted via the website 5. The owner can, for example, benotified via a text (SMS) or an email after three incorrect attempts toaccess the safe 3.

It should be noted that all the communications between the safe 3 andthe server 4 are secured with conventional security protocols. Theaccess of the administrator to the server 4 is, for example, protectedby a conventional password or a dynamic password associated with amobile phone of the owner.

In the case where the user has incorrectly entered the reference openingcode ROC, the request to access the safe 3 is refused by the server 4and the safe 3 remains in the closed state CS (STP8). The user is thenprompted to enter a new opening code again (STP3).

Otherwise, the safe 3 will switch to the open state OS following thereception of the second signal S2 representative of the authorization(STP9). The processor 10 transmits a third signal S3 representative ofthe open state OS or closed stated CS of the safe 3 to the server 4 soas to signal each change from this open state OS or closed state CS.

The user can then recover the key 2 with its tag 7 and reclose the doorof the safe 3 so as to return the safe 3 to the closed state CS (STP10).Since the key 2 with its tag 7 is now outside of the safe 3, the firstlink can no longer be established between the key 2 with its tag 7 andthe safe 3 because the first wireless link remains contained in the safe3 in the closed state CS.

In this case, the first signal S1 representative of the absence of thekey 3 is transmitted by the processor 10 to the server 4 via the secondlink and the internet network and the third signal S3 representative ofthe closed state CS is also transmitted to the server 4 in order toupdate this open state OS or closed state CS of the safe 3 that can beconsulted on the website 5 (STP11).

If there are several keys or things to be shared in the safe 3, each keyor thing is identified via the first link because each tag has a uniqueidentity number. The administrator can therefore track the presence orthe absence of each key or thing to be shared.

In a variant, to address certain demanding security levels, the safe 3can include a collection interface 13 in place of or in addition to theinput interface 12, and an image-capture device 14, for example, acamera (FIG. 4).

The collection interface 13 is configured to collect at least onecorporeal characteristic of the user. As an indication, but in anon-limiting manner, each corporeal characteristic can be the voice, theface, a fingerprint or an iris print of the user.

This collection interface 13 is arranged, for example, on a face of theenclosure 3 or is coupled to this enclosure 3. Its structure is suitedto the type of corporeal characteristic collected.

Referring to FIG. 5, there now follows a description of a method forcontrolling the key 2 with the system 1 according to the embodimentillustrated in FIG. 4.

According to this embodiment and the associated control method,potential users of the system 1 are prompted to pre-store their at leastone reference corporeal characteristic RCC in a memory of the computerserver 4 (STP1V).

Since each user has his or her own reference corporeal characteristicRCC, a transmission of the reference corporeal characteristic RCC fromthe server 4 to the user is not therefore necessary.

When a user arrives close to the safe 3, at least one corporealcharacteristic CCC of the user can be collected via the collectioninterface 13 (STP2V).

The processor 10 is then configured to transit to the server 4 eachcollected corporeal characteristic CCC via the second link and theinternet network (STP3V).

A comparison between each reference corporeal characteristic RCCprestored and each collected corporeal characteristic CCC received isperformed by the server 4 (STP4V).

The server 4 is further configured to determine an authorization or arefusal to open the safe 3 as a function of the result of the comparison(STP5V).

The second signal S2 representative of the authorization or of therefusal is then delivered by the server 4 to the safe 3 via the secondlink and the internet network (STP6V).

If the recognition of each corporeal characteristic is not successful onthe server 4, the access to the safe 3 is therefore refused and the safe3 remains in the closed state CS (STP7V). The user is then prompted tobegin the step of collection (STP2V) of each corporeal characteristic.

Otherwise, the server 4 authorizes the access to the safe 3 and the safe3 switches to the open state OS following the reception of the secondsignal S2 representative of the authorization (STP8V). The processor 10transmits a third signal S3 representative of the open state OS orclosed state CS of the safe 3 to the server 4 so as to signal eachchange from this open state OS or closed state CS.

The user can then recover the key 2 with its tag 7 and reclose the doorof the safe 3 so as to return the safe 3 to the closed state CS (STP9V).

The image-capture device 14 is then configured to take a photo of theinternal content of the safe 3 following the closure of the door of thesafe 3 (STP10V).

In effect, this image-capture device 14 is configured to remotelyprovide a real view of the internal content of the safe 3 in a casewhere the user has taken or returned the tag 7 of the key 3 without thekey 3. In other words, the tag 7 has been removed from the key 3.

The processor 10 is further configured to transmit this photo of theinternal content to the server 4 via the second link and the internetnetwork, so as to allow the administrator to view this photo andremotely re-check the presence or the absence of the key 2 (STP11V).

In the case of the absence of the key 2 and of the tag 7, the firstsignal S1 representative of the absence of the key 3 is transmitted bythe processor 10 to the server 4 via the second link and the internetnetwork, and the third signal S3 representative of the closed state CSis also transmitted to the server 4 in order to update this open stateOS or closed state CS of the safe 3 that can be consulted on the website5 (STP12V).

In the case of the incomplete presence or absence of the key 2 accordingto the photo taken by the image-capture device 14, the administrator isprompted to directly contact the last user who has had access to thesafe (STP13V). Since the user and the moment of each access are storedand can be consulted on the computer server 4, the administrator caneasily identify the last user in question.

Advantageously, in the case of errors including, in a non-limitingmanner, the following cases: door of the safe 3 not closed, enteredopening code incomplete, unknown tag presented in the safe 3, theprocessor 10 is further configured to transmit this error information tothe server 4 via the second link and the internet network, which allowsthe administrator to consult and remotely mange manage this errorinformation.

Thus, a system is obtained which includes at least one connected objectdesigned to be shared by several users and designed to be deposited inat least one enclosure, which allows the administrator of the system toremotely track the presence or the absence of each thing, the open orclosed state and physical parameters of each enclosure.

Since all the management of the access control is performed via acomputer server, it does not require any extensive modification onexisting enclosures.

The use of a reader compatible with the “Bluetooth SMART” technology andof communications circuit compatible with technology such as LoRa orSigFOX advantageously makes it possible to obtain greater freedom on theplace of installation of the safe and the scope of application of such asystem.

Furthermore, through the use of these low-consumption technologies:“Bluetooth SMART”, “LoRa” and “SigFox”, and the activation of the readerand of the communications circuit only in case of need, such a systemconsumes very little and can advantageously be powered by a battery.Obviously such a system can also have a hybrid power supply: electricalmains and battery. Moreover, in case of placement of an enclosureoutdoors, such a system can advantageously use a battery that can berecharged by photovoltaic panels.

The enclosure may be different from a safe and its metal nature is onlya non-limiting example of a structure making it possible to contain awireless link inside the enclosure. It would, for example, be possibleto use a Faraday cage or a meshing embedded in the walls of theenclosure.

What is claimed is:
 1. A method comprising: having a physical object tobe shared by several potential users; having an enclosure that has anopen state and a closed state, the enclosure allowing access to thephysical object in the open state and prohibiting access to the physicalobject in the closed state; detecting a presence or an absence of theobject in the enclosure in the closed state via a first link between thephysical object and a reader situated in the enclosure, the first linkbeing contained in the enclosure in the closed state, the first linkbeing based on a low power short-range wireless communication networktechnology, wherein detecting the presence or the absence of thephysical object comprises capturing an image of an internal content ofthe enclosure when the enclosure switches from the open state to theclosed state and transmitting the image to a computer server;transmitting a first information item representative of the presence orof the absence of the physical object in the enclosure to the computerserver that is remote from the enclosure, via a second link and aninternet network, the computer server being accessible via a websiteconfigured to be managed by an administrator, the second link beingbased on a low power wide-area communication network technology; andmanaging access control of the enclosure from the website via theinternet network and the second link and via a third channel between theadministrator and an actual user of the physical object, whereinmanaging access control comprises: generating a reference opening codeof the enclosure, the reference opening code comprising a period ofvalidity preconfigured by the administrator; transmitting the referencecode to the actual user by the administrator via the third channel;receiving an opening code on an input interface coupled to theenclosure; transmitting the opening code to the computer server via thesecond link and the internet network; comparing, at the computer server,the reference opening code transmitted and the transmitted opening codereceived by the computer server; obtaining an authorization or a refusalto open the enclosure as a function of a result of the comparing and acorporeal characteristic of an authorized user of the physical object,and wherein the corporeal characteristic comprises at a voice signature,a facial image, or an iris print; and transmitting, from the computerserver to the enclosure, a second information item representative of theauthorization or the refusal to the enclosure via the internet networkand the second link.
 2. The method according to claim 1, wherein thereference opening code comprises a password.
 3. The method according toclaim 1, wherein managing the access control comprises: storing areference corporeal characteristic in the computer server via thewebsite; collecting corporeal characteristic on a collection interfacecoupled to the enclosure; transmitting the collected corporealcharacteristic to the computer server via the second link and theinternet network; comparing the reference corporeal characteristic andthe collected corporeal characteristic so as to obtain an authorizationor a refusal to open the enclosure as a function of a result of thecomparing; and transmitting a second information item representative ofthe authorization or the refusal to the enclosure via the internetnetwork and the second link.
 4. The method according to claim 1, whereinmanaging the access control further comprises detecting the open stateor the closed state of the enclosure, and transmitting a thirdinformation item representative of the open state or the closed stateafter each change from the open state or the closed state of theenclosure to the computer server via the second link and the internetnetwork.
 5. The method according to claim 1, further comprisingdetecting a physical parameter of the enclosure, and transmitting afourth information item representative of the physical parameter aftereach change of the physical parameter to the computer server via thesecond link and the internet network.
 6. The method according to claim5, wherein the physical parameter comprises temperature, position,humidity, or acceleration of the enclosure, or a level of charge of abattery of the enclosure.
 7. The method according to claim 1, whereinthe low power short-range wireless communication network technologycomprises Bluetooth SMART, and wherein the low power wide-area wirelesscommunication network technology comprises LoRa, or SigFox.
 8. Themethod according to claim 1, wherein the reference opening codecomprises a Bluetooth authentication code.
 9. The method according toclaim 1, wherein the reference opening code comprises an near fieldcommunication (NFC) identification code.
 10. The method according toclaim 1, wherein the reference opening code comprises a barcode.
 11. Themethod according to claim 1, wherein the reference opening codecomprises a quick response (QR) code.
 12. A system, comprising: anenclosure in one of an open state or a closed state, the enclosureconfigured to store a physical object to be shared by several users; areader configured to establish a first link with the physical object,the physical object being equipped with a module configured to cooperatewith the reader via the first link, the enclosure being furtherconfigured such that the first link remains contained in the enclosurein the closed state, the first link being based on a low powershort-range wireless communication network technology; a communicationscircuit comprising a long-range transceiver, the communication circuitconfigured to establish a second link between the enclosure and aninternet network, the second link being based on a low power wide-areawireless communication network technology; a processor configured todetect a presence or an absence of the physical object in the enclosurein the closed state via the first link, and to transmit a firstinformation item representative of the presence or of the absence of thephysical object to a computer server, remote from the physical objectand the enclosure, via the internet network and the second link, whereinthe processor is configured to obtain an authorization or a refusal toopen the enclosure as a function of a comparison, at the computerserver, between a reference code and an opening code entered by at leastone of the several users, wherein all of the components of the reader,the communications circuit, and the processor are disposed within theenclosure; an image-capture device configured to capture an image of aninternal content of the enclosure when the enclosure switches from theopen state to the closed state so as to detect the presence or theabsence of the object, wherein the processor is configured to transmitthe image to the computer server; and a collection interface configuredto collect a corporeal characteristic of an authorized user of theenclosure, wherein the corporeal characteristic comprises at a voicesignature, a facial image, or an iris print.
 13. The system according toclaim 12, wherein the enclosure comprises a sensor configured to detecta physical parameter of the enclosure, wherein the processor is furtherconfigured to transmit a second information item representative of thephysical parameter after each change of the physical parameter to thecomputer server via the second link and the internet network.
 14. Thesystem according to claim 13, wherein the physical parameter comprisestemperature, position, humidity, acceleration of the enclosure, or alevel of charge of a battery of the enclosure.
 15. The system accordingto claim 12, wherein the reader is compatible with Bluetooth SMART, andwherein the communications circuit is compatible with LoRa, or SigFox.16. The system according to claim 12, wherein the enclosure comprises ametal safe.
 17. The system according to claim 12, wherein the processorcomprises a microcontroller.
 18. The system according to claim 12,wherein the reader is comprised in an integrated circuit.
 19. The systemaccording to claim 12, wherein the communications circuit is comprisesin an integrated circuit.
 20. A system, comprising: an enclosure in oneof an open state or a closed state, the enclosure configured to store aphysical object to be shared by several users; a computer server remotefrom the enclosure, accessible via a website, and configured to bemanaged by an administrator; a reader configured to establish a firstlink with the physical object, the physical object being equipped with amodule configured to cooperate with the reader via the first link, theenclosure being further configured such that the first link remainscontained in the enclosure in the closed state, the first link beingbased on a low power short-range wireless communication networktechnology; a communications circuit comprising a long-rangetransceiver, the communication circuit configured to establish a secondlink between the enclosure and an internet network, the second linkbeing based on a low power wide-area wireless communication networktechnology; and a processor configured to detect a presence or anabsence of the physical object in the enclosure in the closed state viathe first link, and to transmit a first information item representativeof the presence or of the absence of the physical object to the computerserver via the internet network and the second link, the computer serverbeing further configured to manage access control of the enclosure fromthe website via the internet network and the second link, wherein thecomputer server is further configured to manage the access control via athird channel between the administrator and an actual user of thephysical object, wherein the computer server is configured to generate areference opening code of the enclosure and to transmit the referenceopening code to the actual user via the third channel; an image-capturedevice configured to capture an image of an internal content of theenclosure when the enclosure switches from the open state to the closedstate so as to detect the presence or the absence of the object, whereinthe processor is configured to transmit the image to the computerserver; a collection interface configured to collect a corporealcharacteristic of an authorized user of the enclosure, wherein thecorporeal characteristic comprises at a voice signature, a facial image,or an iris print, wherein all components of the reader, thecommunications circuit, the processor, and the image-capture device aredisposed in the enclosure; wherein the enclosure comprises an inputinterface configured to receive an opening code; wherein the processoris configured to transmit the opening code to the computer server viathe second link and the internet network, the opening code comprising aperiod of validity preconfigured by the administrator; wherein thecomputer server is further configured to compare the reference openingcode and the opening code received so as to obtain an authorization or arefusal to open the enclosure as a function of a result of thecomparison; and wherein the server is further configured to transmit asecond information item representative of the authorization or therefusal to the enclosure via the internet network and the second link.21. The system according to claim 20, wherein the reference opening codecomprises a password, a Bluetooth authentication code, an NFCidentification code, a barcode, or a QR code.
 22. The system accordingto claim 20, wherein the computer server is configured to store areference corporeal characteristic; wherein the processor is configuredto transmit the collected corporeal characteristic to the server via thesecond link and the internet network; and wherein the computer server isfurther configured to compare the reference corporeal characteristic andthe collected corporeal characteristic so as to obtain an authorizationor a refusal to open the enclosure as a function of a result of thecomparing, and to transmit a second information item representative ofthe authorization or the refusal to the enclosure via the internetnetwork and the second link.
 23. The system according to claim 20,wherein the enclosure further comprises a detector configured todetermine the open state or the closed state of the enclosure, andwherein the processor is further configured to transmit a thirdinformation item representative of the open state or the closed stateafter each change from the open state or the closed state of theenclosure to the computer server via the second link and the internetnetwork.